Tutorial: John the Ripper – Why You Are Doing It Wrong – ethicalhacker.net
In a professional penetration test, we don’t always have the time to allow JTR to run to completion, and we must rely on some additional techniques to speed things up including the use of wordlists or dictionaries.

Yet Another WordPress Security Post – Part One – sucuri.net
Information security is everyone’s responsibility, which means it starts with you. If you’re doing everything in your power to mitigate risk from your end, you’re less likely to end up with a website serving Viagra ads on Google.

Tools:

Two New HTTP POST Attack Tools Released – sectechno.com
Currently there are two free utilities that may perform this attack, “R U Dead Yet?” and OWASP HTTP POST Tool … tool offers unattended execution by providing the necessary parameters within a configuration file.

sqlinject-finder – code.google.com/p/sqlinject-finder/
Simple python script that parses through a pcap and looks at the GET and POST request data for suspicious and possible SQL injects. Rules to check for SQL injection can be easily added. Output can be printed neatly on the command line or in tab delimited format.

cvechecker 2.0 – cvechecker.sourceforge.net/
Version 2.0 is now available for this vulnerability detection tool.

Javasnoop – code.google.com/p/javasnoop/
JavaSnoop attempts to solve this problem by allowing you to attach to an existing process (like a debugger) and instantly begin tampering with method calls, run custom code, or just watch what’s happening on the system.

Episode #123: Bad Connections – commandlinekungfu.com
Similar to last week, this week’s challenge comes from Tim’s friend who is mentoring a CCDC team. The mentor was interested in creating some shell fu that lets them monitor all network connections in and out of a system and get information about the executable that’s handling the local side of the connection.

Packet Payloads, Encryption and Bacon – packetstan.com
Over the years I’ve used a couple of techniques to evaluate the content of packet captures to determine if the traffic is encrypted or just obfuscated.

All your drives are belong to us – fortinet.com
A new Ransomware module was recently discovered by Fortiguard Labs. When a machine infected with this Ransomware is restarted, the user is greeted with the following boot screen.

Windows PE Header – marcoramilli.blogspot.com
Each executable file has a Common Object File Format COFF which is used from the OS loader to run the program. Windows Portable Executable (PE) is one of the COFF available in today's OS. For example the Executable Linking File (ELF) is the main Linux COFF.

Exploit Code Out For New Windows Kernel Flaw – threatpost.com
The new Windows kernel bug is considered a critical vulnerability, even though it can’t be exploited remotely, thanks to the fact that an attacker could use it to gain powerful credentials on a compromised system and take complete control of the machine.

Vendor/Software Patches:

New Tool Patches Offline VMs – darkreading.com
Nuwa, named after the Chinese goddess who patched a hole in the sky, aims to fix cloud computing security hole.

Other News:

Savannah.gnu.org hacked and currently offline – sucuri.net
There’s been a SQL injection leading to leaking of encrypted account passwords, some of them discovered by brute-force attack, leading in turn to project membership access.

FBI Identifies Russian ‘Mega-D’ Spam Kingpin – krebsonsecurity.com
Federal investigators have identified a 23-year-old Russian man as the mastermind behind the notorious “Mega-D” botnet, a network of spam-spewing PCs that once accounted for roughly a third of all spam sent worldwide.

Spyware threat invades BlackBerry App World – globalthreatcenter.com
In summary, threats posed by mobile applications exist – even if an application is hosted by Apple’s App Store or RIM’s App World, both known for vetting submitted applications to ensure that the applications meet guidelines.

U.S. Sees 93.7% Drop in Data Breaches from 2009 to 2010 – imperva.com
An analysis that used data from the Privacy Clearinghouse, a public database that records all breaches of U.S. citizens’ personal and sensitive information, showed 230M data records taken in 2009 and 13M taken in 2010.

Simulation Testing and the EICAR test file – eset.com
At the EICAR 2010 conference in Paris, an interesting student paper was presented that used the EICAR file to make some points about the ways in which AV software works (or is presumed to work).
